Commenced in January 2007
Paper Count: 31100
A Security Analysis for Home Gateway Architectures
Abstract:Providing Services at Home has become over the last few years a very dynamic and promising technological domain. It is likely to enable wide dissemination of secure and automated living environments. We propose a methodology for identifying threats to Services at Home Delivery systems, as well as a threat analysis of a multi-provider Home Gateway architecture. This methodology is based on a dichotomous positive/preventive study of the target system: it aims at identifying both what the system must do, and what it must not do. This approach completes existing methods with a synthetic view of potential security flaws, thus enabling suitable measures to be taken into account. Security implications of the evolution of a given system become easier to deal with. A prototype is built based on the conclusions of this analysis.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1329817Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1312
 Digital Living Network Alliance. Dlna overview and vision whitepaper 2006. DLNA Whitepaper, 2006.
 Echonet Consortium. Echonet specifications, version 2.11. http://www.echonet.gr.jp/english/8 kikaku/index.htm.
 D. Ferraiolo and R. Kuhn. Role-based access controls. In 15th NISTNCSC National Computer Security Conference, pages 554-563, 1992.
 W. Haerick and S. Van Hoecke. Secure brokering of web services. In 5th FTW PhD Symposium, Ghent, Belgium, December 2004.
 A. Herzog and N. Shahmehri. Towards secure e-services: Risk analysis of a home automation service. In 6th Nordic Workshop on Secure ITSystems (Nordsec), pages 18-26, November 2001.
 HGI. Home gateway initiative, vision and whitepaper, 2005.
 M. Howard and D. LeBlanc. Writing Secure Code. Microsoft Press, 2001.
 International Standard Organization. Common criteria. International Standard ISO 15408, 1999.
 M. D-Hooge (Trialog). Report on a secure home network architecture and related protection profiles specification. Deliverable DA.3.7, ISTMediaNet Project, February 2006.
 Muse Consortium. Muse project presentation. Muse Public Deliverable D A0.1, July 2004.
 Muse Consortium. Detailed description of residential gateway and advanced features. Muse Public Deliverables D TF3.2, December 2005.
 Y. Royon, S. Frenot, and F. LeMouel. Virtualization of service gateways in multi-provider environment. In Component Based Software Engineering, 2006.
 T. Saito, I. Tomoda, Y. Takabatake, K. Teramoto, and K. Fujimoto. Gateway technologies for home network and their implementations. In IEEE Distributed Computing Systems Workshop,, pages 175-180, April 2001.
 Secretariat general de la defense nationale, DCSSI. Expression of needs and identification of security objectives, February 2004.
 Theaha Project. Towards secure, zero-configuration seamless interworking - architecture overview. Project IST-2004-507-029 Whitepaper, November 2005.
 Trialog. e-protection of appliances through secure and trusted access. E-Pasta IST Project Final Report 2000-26086, December 2002.
 S. Van Hoecke, W. Haerick, G. D. Jans, F. D. Turck, E. Laermans, B. Dhoedt, and P. Demeester. Design and implementation of a secure media content delivery broker architecture. In The 2005 International Symposium on Web Services and Applications (ISWS-05) in Las Vegas, USA, 2005.
 Y.-M. Wang, W. Russell, A. Arora, J. Xu, and R. K. Jagannathan. Towards dependable home networking: An experience report. In International Conference on Dependable Systems and Networks (DSN 2000), pages 43-48, 2000.
 D. Zhang, H. Lee, X. Ni, and S. Zheng. Open service residential gateway for smart homes. In ISCE, December 2003.